Hướng dẫn digest authentication php example
It is possible to use the header() function to send an An example script fragment which would force client authentication on a page is as follows: Example #1 Basic HTTP Authentication example Hello echo " You entered {$_SERVER['PHP_AUTH_PW']} as your password.";} ?> Example #2 Digest HTTP Authentication example This example shows you how to implement a simple Digest HTTP authentication script. For more information read the » RFC 2617.
$_SERVER['PHP_AUTH_DIGEST'])) {
Instead of simply printing out PHP_AUTH_USER and PHP_AUTH_PW, as done in the above example, you may want to check the username and password for validity. Perhaps by sending a query to a database, or by looking up the user in a dbm file. Watch out for buggy
Internet Explorer browsers out there. They seem very picky about the order of the headers. Sending the WWW-Authenticate header before the
Note, however, that the above does not prevent someone who controls a non-authenticated URL from stealing passwords from authenticated URLs on the same server. Both Netscape Navigator and Internet Explorer will clear the local browser window's authentication cache for the realm upon receiving a server response of 401. This can effectively "log out" a user, forcing them to re-enter their username and password. Some people use this to "time out" logins, or provide a "log-out" button. Example #3 HTTP Authentication example forcing a new name/password
$_SERVER['PHP_AUTH_USER']) || This behavior is not required by the In order to get HTTP Authentication to work using IIS server with the CGI version of PHP you must edit your IIS configuration "
derkontrollfreak+9hy5l at gmail dot com ¶ 8 years ago
kazakevichilya at gmail dot com ¶ 10 years ago
webmaster at kratia dot com ¶ 15 years ago
= array ("mario" => "carbonell"); jake22 at gmail dot com ¶ 6 years ago
Yuriy ¶ 13 years ago
Carlos ¶ 4 years ago
john_2232 at gmail dot com ¶ 6 years ago
$parts; bitman at bitworks dot de ¶ 1 year ago
Louis ¶ 16 years ago
$_POST['logout'] == "logout") { Ome Ko ¶ 12 years ago
Anonymous ¶ 13 years ago
$matches as $m) {
admin at isprohosting dot com ¶ 15 years ago
Nicolas Merlet - admin(at)merletn.org ¶ 15 years ago
xsanychx at mail dot ru ¶ 9 years ago
$_SERVER['PHP_AUTH_PW']!= $pass || $_SERVER['PHP_AUTH_USER'] != $login)|| !$_SERVER['PHP_AUTH_USER'])
gbelyh at gmail dot com ¶ 15 years ago
Robb_Bean at gmx dot net ¶ 8 years ago
vog at notjusthosting dot com ¶ 10 years ago
charly at towebs dot com ¶ 17 years ago
'PHP_AUTH_USER =' . $_SERVER['PHP_AUTH_USER'] . ' roychri at php dot net ¶ 15 years ago
SlamJam ¶ 15 years ago
You are authorized!
spam at angstzustaen dot de ¶ 1 year ago
ceo at l-i-e dot com ¶ 11 years ago
emmanuel dot keller at net2000 dot ch ¶ 19 years ago
dan223 at gmail dot com ¶ 6 years ago
sergio dot carvalho at gmail dot com ¶ 7 years ago
Lars Stecken ¶ 14 years ago
sjeffrey at inquesis dot com ¶ 20 years ago
patrick dot moire at socopa dot fr ¶ 2 years ago
} else { h3ndrik ¶ 10 years ago
Ollie L ¶ 11 years ago
najprogramato at post dot sk ¶ 18 years ago
djreficul at yahoo dot com ¶ 16 years ago
marco dot moser at oltrefersina dot it ¶ 16 years ago
snagnever at gmail dot com ¶ 17 years ago
jason ¶ 18 years ago
kembl at example dot com ¶ 16 years ago
nuno at mail dot ideianet dot pt ¶ 18 years ago
rob at theblip dot com ¶ 18 years ago
s dot i dot g at gmx dot com ¶ 13 years ago
$_GET['logout']))
idbobby at rambler dot ru ¶ 12 years ago
= 'My realm'; web at kwi dot dk ¶ 16 years ago
siberion at hotmail dot com ¶ 17 years ago
Paul ¶ 18 years ago
steuber at aego dot de ¶ 18 years ago
Whatabrain ¶ 15 years ago
|